Implement Push client secret store and test it.

libraries/push/impl/src/main/kotlin/io/element/android/libraries/push/impl/VectorPushHandler.kt

@@ -28,6 +28,7 @@ import io.element.android.libraries.core.log.logger.LoggerTag
 import io.element.android.libraries.core.meta.BuildMeta
 import io.element.android.libraries.di.ApplicationContext
 import io.element.android.libraries.push.api.store.PushDataStore
+import io.element.android.libraries.push.impl.clientsecret.PushClientSecret
 import io.element.android.libraries.push.impl.model.PushData
 import io.element.android.libraries.push.impl.notifications.NotifiableEventResolver
 import io.element.android.libraries.push.impl.notifications.NotificationActionIds
@@ -49,6 +50,7 @@ class VectorPushHandler @Inject constructor(
     // private val activeSessionHolder: ActiveSessionHolder,
     private val pushDataStore: PushDataStore,
     private val defaultPushDataStore: DefaultPushDataStore,
+    private val pushClientSecret: PushClientSecret,
     private val actionIds: NotificationActionIds,
     @ApplicationContext private val context: Context,
     private val buildMeta: BuildMeta
@@ -114,7 +116,8 @@ class VectorPushHandler @Inject constructor(
             }
 
             /* TODO EAx
-            - Open session
+            - Retrieve secret and use pushClientSecret
+            - Open matching session
             - get the event
             - display the notif
 

libraries/push/impl/src/main/kotlin/io/element/android/libraries/push/impl/clientsecret/PushClientSecret.kt

@@ -0,0 +1,35 @@
+/*
+ * Copyright (c) 2023 New Vector Ltd
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package io.element.android.libraries.push.impl.clientsecret
+
+interface PushClientSecret {
+    /**
+     * To call when registering a pusher. It will return the existing secret or create a new one.
+     */
+    suspend fun getSecretForUser(userId: String): String
+
+    /**
+     * To call when receiving a push containing a client secret.
+     * Return null if not found.
+     */
+    suspend fun getUserIdFromSecret(clientSecret: String): String?
+
+    /**
+     * To call when the user signs out.
+     */
+    suspend fun resetSecretForUser(userId: String)
+}

libraries/push/impl/src/main/kotlin/io/element/android/libraries/push/impl/clientsecret/PushClientSecretFactory.kt

@@ -0,0 +1,21 @@
+/*
+ * Copyright (c) 2023 New Vector Ltd
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package io.element.android.libraries.push.impl.clientsecret
+
+interface PushClientSecretFactory {
+    fun create(): String
+}

libraries/push/impl/src/main/kotlin/io/element/android/libraries/push/impl/clientsecret/PushClientSecretFactoryImpl.kt

@@ -0,0 +1,28 @@
+/*
+ * Copyright (c) 2023 New Vector Ltd
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package io.element.android.libraries.push.impl.clientsecret
+
+import com.squareup.anvil.annotations.ContributesBinding
+import io.element.android.libraries.di.AppScope
+import java.util.UUID
+
+@ContributesBinding(AppScope::class)
+class PushClientSecretFactoryImpl : PushClientSecretFactory {
+    override fun create(): String {
+        return UUID.randomUUID().toString()
+    }
+}

libraries/push/impl/src/main/kotlin/io/element/android/libraries/push/impl/clientsecret/PushClientSecretImpl.kt

@@ -0,0 +1,45 @@
+/*
+ * Copyright (c) 2023 New Vector Ltd
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package io.element.android.libraries.push.impl.clientsecret
+
+import com.squareup.anvil.annotations.ContributesBinding
+import io.element.android.libraries.di.AppScope
+import javax.inject.Inject
+
+@ContributesBinding(AppScope::class)
+class PushClientSecretImpl @Inject constructor(
+    private val pushClientSecretFactory: PushClientSecretFactory,
+    private val pushClientSecretStore: PushClientSecretStore,
+) : PushClientSecret {
+    override suspend fun getSecretForUser(userId: String): String {
+        val existingSecret = pushClientSecretStore.getSecret(userId)
+        if (existingSecret != null) {
+            return existingSecret
+        }
+        val newSecret = pushClientSecretFactory.create()
+        pushClientSecretStore.storeSecret(userId, newSecret)
+        return newSecret
+    }
+
+    override suspend fun getUserIdFromSecret(clientSecret: String): String? {
+        return pushClientSecretStore.getUserIdFromSecret(clientSecret)
+    }
+
+    override suspend fun resetSecretForUser(userId: String) {
+        pushClientSecretStore.resetSecret(userId)
+    }
+}

libraries/push/impl/src/main/kotlin/io/element/android/libraries/push/impl/clientsecret/PushClientSecretStore.kt

@@ -0,0 +1,24 @@
+/*
+ * Copyright (c) 2023 New Vector Ltd
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package io.element.android.libraries.push.impl.clientsecret
+
+interface PushClientSecretStore {
+    suspend fun storeSecret(userId: String, clientSecret: String)
+    suspend fun getSecret(userId: String): String?
+    suspend fun resetSecret(userId: String)
+    suspend fun getUserIdFromSecret(clientSecret: String): String?
+}

libraries/push/impl/src/main/kotlin/io/element/android/libraries/push/impl/clientsecret/PushClientSecretStoreDataStore.kt

@@ -0,0 +1,62 @@
+/*
+ * Copyright (c) 2023 New Vector Ltd
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package io.element.android.libraries.push.impl.clientsecret
+
+import android.content.Context
+import androidx.datastore.core.DataStore
+import androidx.datastore.preferences.core.Preferences
+import androidx.datastore.preferences.core.edit
+import androidx.datastore.preferences.core.stringPreferencesKey
+import androidx.datastore.preferences.preferencesDataStore
+import com.squareup.anvil.annotations.ContributesBinding
+import io.element.android.libraries.di.AppScope
+import io.element.android.libraries.di.ApplicationContext
+import kotlinx.coroutines.flow.first
+import javax.inject.Inject
+
+private val Context.dataStore: DataStore<Preferences> by preferencesDataStore(name = "push_client_secret_store")
+
+@ContributesBinding(AppScope::class)
+class PushClientSecretStoreDataStore @Inject constructor(
+    @ApplicationContext private val context: Context,
+) : PushClientSecretStore {
+    override suspend fun storeSecret(userId: String, clientSecret: String) {
+        context.dataStore.edit { settings ->
+            settings[getPreferenceKeyForUser(userId)] = clientSecret
+        }
+    }
+
+    override suspend fun getSecret(userId: String): String? {
+        return context.dataStore.data.first()[getPreferenceKeyForUser(userId)]
+    }
+
+    override suspend fun resetSecret(userId: String) {
+        context.dataStore.edit { settings ->
+            settings.remove(getPreferenceKeyForUser(userId))
+        }
+    }
+
+    override suspend fun getUserIdFromSecret(clientSecret: String): String? {
+        val keyValues = context.dataStore.data.first().asMap()
+        val matchingKey = keyValues.keys.firstOrNull {
+            keyValues[it] == clientSecret
+        }
+        return matchingKey?.name
+    }
+
+    private fun getPreferenceKeyForUser(userId: String) = stringPreferencesKey(userId)
+}

libraries/push/impl/src/test/kotlin/io/element/android/libraries/push/impl/clientsecret/FakePushClientSecretFactory.kt

@@ -0,0 +1,29 @@
+/*
+ * Copyright (c) 2023 New Vector Ltd
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package io.element.android.libraries.push.impl.clientsecret
+
+private const val A_SECRET_PREFIX = "A_SECRET_"
+
+class FakePushClientSecretFactory : PushClientSecretFactory {
+    private var index = 0
+
+    override fun create() = getSecretForUser(index++)
+
+    fun getSecretForUser(i: Int): String {
+        return A_SECRET_PREFIX + i
+    }
+}

libraries/push/impl/src/test/kotlin/io/element/android/libraries/push/impl/clientsecret/InMemoryPushClientSecretStore.kt

@@ -0,0 +1,39 @@
+/*
+ * Copyright (c) 2023 New Vector Ltd
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package io.element.android.libraries.push.impl.clientsecret
+
+class InMemoryPushClientSecretStore : PushClientSecretStore {
+    private val secrets = mutableMapOf<String, String>()
+
+    fun getSecrets(): Map<String, String> = secrets
+
+    override suspend fun storeSecret(userId: String, clientSecret: String) {
+        secrets[userId] = clientSecret
+    }
+
+    override suspend fun getSecret(userId: String): String? {
+        return secrets[userId]
+    }
+
+    override suspend fun resetSecret(userId: String) {
+        secrets.remove(userId)
+    }
+
+    override suspend fun getUserIdFromSecret(clientSecret: String): String? {
+        return secrets.keys.firstOrNull { secrets[it] == clientSecret }
+    }
+}

libraries/push/impl/src/test/kotlin/io/element/android/libraries/push/impl/clientsecret/PushClientSecretImplTest.kt

@@ -0,0 +1,75 @@
+/*
+ * Copyright (c) 2023 New Vector Ltd
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+@file:OptIn(ExperimentalCoroutinesApi::class)
+
+package io.element.android.libraries.push.impl.clientsecret
+
+import com.google.common.truth.Truth.assertThat
+import kotlinx.coroutines.ExperimentalCoroutinesApi
+import kotlinx.coroutines.test.runTest
+import org.junit.Test
+
+private const val A_USER_ID_0 = "A_USER_ID_0"
+private const val A_USER_ID_1 = "A_USER_ID_1"
+
+private const val A_UNKNOWN_SECRET = "A_UNKNOWN_SECRET"
+
+internal class PushClientSecretImplTest {
+
+    @Test
+    fun test() = runTest {
+        val factory = FakePushClientSecretFactory()
+        val store = InMemoryPushClientSecretStore()
+        val sut = PushClientSecretImpl(factory, store)
+
+        val secret0 = factory.getSecretForUser(0)
+        val secret1 = factory.getSecretForUser(1)
+        val secret2 = factory.getSecretForUser(2)
+
+        assertThat(store.getSecrets()).isEmpty()
+        assertThat(sut.getUserIdFromSecret(secret0)).isNull()
+        // Create a secret
+        assertThat(sut.getSecretForUser(A_USER_ID_0)).isEqualTo(secret0)
+        assertThat(store.getSecrets()).hasSize(1)
+        // Same secret returned
+        assertThat(sut.getSecretForUser(A_USER_ID_0)).isEqualTo(secret0)
+        assertThat(store.getSecrets()).hasSize(1)
+        // Another secret returned for another user
+        assertThat(sut.getSecretForUser(A_USER_ID_1)).isEqualTo(secret1)
+        assertThat(store.getSecrets()).hasSize(2)
+
+        // Get users from secrets
+        assertThat(sut.getUserIdFromSecret(secret0)).isEqualTo(A_USER_ID_0)
+        assertThat(sut.getUserIdFromSecret(secret1)).isEqualTo(A_USER_ID_1)
+        // Unknown secret
+        assertThat(sut.getUserIdFromSecret(A_UNKNOWN_SECRET)).isNull()
+
+        // User signs out
+        sut.resetSecretForUser(A_USER_ID_0)
+        assertThat(store.getSecrets()).hasSize(1)
+        // Create a new secret after reset
+        assertThat(sut.getSecretForUser(A_USER_ID_0)).isEqualTo(secret2)
+
+        // Check the store content
+        assertThat(store.getSecrets()).isEqualTo(
+            mapOf(
+                A_USER_ID_0 to secret2,
+                A_USER_ID_1 to secret1,
+            )
+        )
+    }
+}